Twitter’s announcement that SMS-based two-factor authentication (2FA) will be available only to paying customers sparked criticism. Web hosting provider GoDaddy revealed it was victim to a cyberattack part of a multi-year campaign by a sophisticated group, while newly relaunched XSS Hunter tool now offers end-to-end encryption. Also, Belgium became the first European country to establish a national framework for ethical hackers.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is